janosbless utworzono 4 grudnia 2010 utworzono 4 grudnia 2010 Witam. Po właczeni google chrome bądź IE jest od razu ładowana strona QOOQLLE. Słyszałem że infekcja obejmuje tez Mozille. Wie ktoś moze jak sie tego pozbyć, jakich programów uzyć itd? Posiadam AVG który cieżko sobie z tym radzi. prosze o pomoc
Filo1 komentarz 4 grudnia 2010 komentarz 4 grudnia 2010 (edytowane) mówisz o google.pl?? @@EDIT sory już wiem to jest infekcja.. wrzuć logi z OTL i RSiT http://www.forumpc.pl/index.php?showtopic=104338
janosbless komentarz 4 grudnia 2010 Autor komentarz 4 grudnia 2010 (edytowane) [quote name='Filo1' timestamp='1291468745' post='1134633'] mówisz o google.pl?? [/quote] mówie o qooqle.pl pisane przez Q. Kilka dni temu w mozilla firefox zaczęły się dziać dziwne rzeczy. strona startowa zmieniona z google na hxxp (coś tam) qooqlle, a przy tym ustawienia przeglądarki na zapamiętywanie haseł, ściąganie plików do konkretnego katalogu, aktualizacje bez pytania. Także dziwne mruganie (czasem) ekranu, które wcześniej nie mialo miejsca. Oczywiście zmieniłem ustawienia, ale po restarcie kompa znowu to samo. Win patrol po restarcie krzyczy, że zostały dokonane zmiany w IE - czy się zgadzam? klikam że nie i jest ok. (ale tylko w IE) mam ustawione że Fire Moz jest moją główną przeglądarką. tam oczywiście znowu to samo. pogrzebałem trochę w firefoxie i w plikach w C:\Documents and Settings\jaro\Data aplikací\Mozilla\Firefox\Profiles\prefs.js oraz qooqlle.xml zamieniłem wpisy z qooqlle na google i przestawiłem jako pliki tylko do odczytu. pomogło to na tyle, że nie otwiera się ta strona. ustawienia fire moz dalej się zmieniają. wykonałem skany programami: mbam, pc tools spyware doctor, ad-aware, oraz mam zainstalowany avast free oraz pc tools firewall plus. programy te zlikwidowały kilkanaście różnych virów, robaków. użyłem ccleaner, wyczyściłem co się dało. sprawdziłem tdsskiller i nic. caly czas to samo. poczytalem kilkanaście postów na waszej stronie i postanowilem zwrócić się o pomoc do was. Zrobiłem logi, które załączam na stronie. Mam w domu 3 PC, wszystkie z oryginalnym winem, kilkanaście lat pracuję z kompem i zawsze jakos udawalo mi się wybrnąć z podobnych sytuacji bez formatu, jednak myślę, że teraz to co się dzieje, jest tylko wierzchołkiem góry lodowej. załalczam otl i rsit
nuutka911 komentarz 5 grudnia 2010 komentarz 5 grudnia 2010 witam, ja tez mam taki problem.. po uruchomieniu przegladarki (Chrome) uruchamia się strona qooqle.pl.. bardzo prosze o pomoc w rozwiazaniu problemu..
drskalpel komentarz 8 grudnia 2010 komentarz 8 grudnia 2010 Qooqle Występuje u mnie ten sam problem - po otwarciu firefoxa zamiast google jest qooqle. Zmiana strony domowej pomaga do czasu ponownego uruchomienia windowsa. Proszę o pomoc... [attachment=13585:OTL.Txt] [attachment=13586:Extras.Txt]
wojopl komentarz 11 grudnia 2010 komentarz 11 grudnia 2010 (edytowane) Nie aktualny post. Jak to się kasuje?
Gość komentarz 11 grudnia 2010 komentarz 11 grudnia 2010 Więc tak najpierw polecam przeszperanie komputera programem ComboFix , jesli nie pomoże to będziemy coś dalej myślec Pozdro
wojopl komentarz 11 grudnia 2010 komentarz 11 grudnia 2010 Witam, CarmelO - wolałbym combofixa odpuścić bo nie mam gdzie backupa sobie zrobić Chyba udało mi się wyeliminować problem, ale nie jestem pewny czy to by było wszystko wiec mimo to prosiłbym dobrych ludzi o przeanalizowanie moich logów po czyszczeniu. 1. Znalazłem na forum jak Tomek01 podał w [b][url="http://www.forumpc.pl/index.php?showtopic=186707"]TYM[/url][/b] poście jak się tego pozbyć. Porada była pewnie na inny system niż XP Pro (może na Vistę lub 7) więc nie wszystko chyba zadziałało (mam XP Pro) pomimo drobnej zmiany z mojej strony tj. zmieniłem w jednej linijce nazwę użytkownika. Załączam log który wkleiłem do OTL: [log]:Processes Explorer.exe :OTL FF - prefs.js..browser.search.selectedEngine: "qooqlle" O4 - HKLM..\Run: [GProton] C:\ProgramData\GProton.exe () :Files C:\Users\wojo\AppData\Local\Temp*.html [color="#FF0000"]// Tutaj zmieniłem nazwę użytkownika z "Tymon" na "wojo"[/color] C:\ProgramData\GProton.exe :Commands [emptytemp] [start explorer] [Reboot] [/log] Otrzymałem taki wynik po restarcie: [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Prefs.js: "qooqlle" removed from browser.search.selectedEngine Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GProton deleted successfully. File C:\ProgramData\GProton.exe not found. ========== FILES ========== File\Folder C:\Users\wojo\AppData\Local\Temp*.html not found. File\Folder C:\ProgramData\GProton.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33423 bytes User: wojo ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 52949139 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 2482 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 3188986 bytes %systemroot%\System32 .tmp files removed: 61835147 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes Session Manager Temp folder emptied: 950728 bytes Session Manager Tmp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 114,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12112010_133042 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] Zauważyłem że nie wszystko się udało więc zrobiłem kolejne czyszczenie z OTL tym razem bez żadnych zmian czyli zostawiłem "Tymon" bez zmian. Nowy log po restarcie: [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Prefs.js: "qooqlle" removed from browser.search.selectedEngine Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GProton not found. File C:\ProgramData\GProton.exe not found. ========== FILES ========== File\Folder C:\Users\Tymon\AppData\Local\Temp*.html not found. File\Folder C:\ProgramData\GProton.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: wojo ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 4884330 bytes ->Google Chrome cache emptied: 5903341 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 456 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes Session Manager Temp folder emptied: 792 bytes Session Manager Tmp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 10,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12112010_134231 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] Ale też nie znalazł pliku "GProton.exe" - więc sam go wyszukałem (był tu: "c:\Documents and Settings\All Users\GProton.exe") i ręcznie usunąłem natomiast plików "Temp*.html" nie udało mi się znaleźć bo pewnie wywaliłem je CCleaner'em zaraz po restarcie. Generalnie [b]problem z "qooqlle" ustąpił[/b] (bynajmniej nie zaobserwowałem po kilku restartach by coś było nie tak). 2. Prośba o przeanalizowanie moich nowych logów po czyszczeniu co opisałem powyżej. [i][b]Logi z OTL (Extras.txt, OTL.txt):[/b][/i] [log]OTL Extras logfile created on: 2010-12-11 14:34:54 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\wojo\Pulpit\OTL Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 4,59 Gb Free Space | 23,48% Space Free | Partition Type: NTFS Drive D: | 17,71 Gb Total Space | 0,36 Gb Free Space | 2,05% Space Free | Partition Type: NTFS Drive E: | 37,31 Gb Total Space | 0,49 Gb Free Space | 1,31% Space Free | Partition Type: NTFS Drive O: | 74,56 Gb Total Space | 0,04 Gb Free Space | 0,05% Space Free | Partition Type: NTFS Drive S: | 6,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive U: | 49,81 Gb Total Space | 0,08 Gb Free Space | 0,17% Space Free | Partition Type: NTFS Drive Z: | 36,13 Gb Total Space | 22,57 Gb Free Space | 62,47% Space Free | Partition Type: NTFS Computer Name: FMX55 | User Name: wojo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OpenNew] -- cmd.exe /k cd %1 (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiSpywareOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 4 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Tlen.pl\tlen.exe" = C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl -- (o2.pl Sp. z o.o.) "D:\Gry\Spellforce Solucje\Delfynn Delage\utorrent.exe" = D:\Gry\Spellforce Solucje\Delfynn Delage\utorrent.exe:*:Enabled:µTorrent -- File not found "C:\Program Files\Virgin Interactive\Original War\OwarFull.dll" = C:\Program Files\Virgin Interactive\Original War\OwarFull.dll:*:Disabled:OwarFull -- File not found "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation) "C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Download.exe" = C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Download.exe:*:Enabled:ASUS Download Master Utility -- (ASUSTeK COMPUTER INC.) "F:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE" = F:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- File not found "F:\Inne Programy\Programy\avi\Odtwarzacze\VLC\vlc.exe" = F:\Inne Programy\Programy\avi\Odtwarzacze\VLC\vlc.exe:*:Enabled:VLC media player -- File not found "C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe" = C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Disabled:DarkCrusade -- File not found "C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Discovery.exe" = C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application -- (ASUSTeK COMPUTER INC.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "E:\uTorrent\uTorrent.exe" = E:\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found "C:\Program Files\Beta StarCraft II\StarCraft II.exe" = C:\Program Files\Beta StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- File not found "C:\Program Files\Beta StarCraft II\Versions\Base14803\SC2.exe" = C:\Program Files\Beta StarCraft II\Versions\Base14803\SC2.exe:*:Enabled:StarCraft II -- File not found "C:0\uTorrent\uTorrent.exe" = C:0\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:1\uTorrent\uTorrent.exe" = C:1\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:2\uTorrent\uTorrent.exe" = C:2\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:3\uTorrent\uTorrent.exe" = C:3\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:4\uTorrent\uTorrent.exe" = C:4\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:5\uTorrent\uTorrent.exe" = C:5\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:6\uTorrent\uTorrent.exe" = C:6\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:\Program Files\TightVNC\vncviewer.exe" = C:\Program Files\TightVNC\vncviewer.exe:*:Enabled:vncviewer -- (TightVNC Group) "C:\Program Files\TightVNC\WinVNC.exe" = C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (TightVNC Group) "C:7\uTorrent\uTorrent.exe" = C:7\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "C:8\uTorrent\uTorrent.exe" = C:8\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe "O:\utorrent.exe" = O:\utorrent.exe:*:Enabled:µTorrent -- File not found "O:\uTorrent\utorrent.exe" = O:\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE" = D:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.) "D:\Gry\Original War\OwarFull.dll" = D:\Gry\Original War\OwarFull.dll:*:Enabled:OwarFull -- () "E:\Gry\Warcraft III\War3.exe" = E:\Gry\Warcraft III\War3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment) "C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe" = C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe:*:Enabled:Rollcage Main Game Executable -- (Attention To Detail) "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation) "E:\Gry\StarCraft II\StarCraft II.exe" = E:\Gry\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment) "E:\Gry\StarCraft II\Versions\Base15405\SC2.exe" = E:\Gry\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.) "E:\Gry\Helgate London\Launcher.exe" = E:\Gry\Helgate London\Launcher.exe:*:Enabled:Hellgate: London -- (Flagship Studios) "C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish "{09A9504A-6DA0-40FC-A519-90BE04132685}" = Klient programu Zarządzanie prawami Windows z dodatkiem Service Pack 2 "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common "{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis "{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0 "{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{212F5777-1190-4DEF-8E4D-6B2F313B45E7}" = PerfectDisk "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard "{253AD5C7-94ED-44BF-AA0C-890A80817A87}_is1" = Boilsoft Video Splitter 6.11 "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish "{27BF988A-AD38-41F2-8012-B797A2BC7285}" = Sun xVM VirtualBox "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English "{2FBF04DC-404C-4FA4-BA28-99903080D2B9}" = Magnifier Powertoy for Windows XP "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation "{31BFEC6C-1F27-45B5-839C-BCBAE327993A}" = OpenOffice.org 3.0 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian "{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch "{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard "{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist "{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP "{685A56F8-75B6-44AD-B3DA-FB0A3266B47C} " = Adobe Flash Player 9 Plugin "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme "{8186E1B9-DDC6-45B6-B9EB-C28947CBC4CF}" = Adobe Flash Player 9 ActiveX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{9984DF60-1C5B-11D3-ACA1-908A4FC10801}" = Intel Application Accelerator "{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A4761FB2-072A-4F17-B4D7-C0640CF52D58}" = ASUS WL-500gP V2 Wireless Router Utilities "{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP "{A743BBCC-3438-4BB3-8397-6C9D9AC125A6}" = Timershot Powertoy for Windows XP "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai "{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP "{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese "{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD}" = Slideshow Generator Powertoy for Windows XP "{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing "{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29 "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static "{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che "{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010 "{EC905264-BCFE-423B-9C42-C3A106266790}" = Dodatek SP2 na potrzeby zgodności z poprzednimi wersjami Klienta programu Zarządzanie prawami Windows "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F251B999-08A9-4704-999C-9962F0DFD88E}" = Virtual Desktop Manager Powertoy for Windows XP "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian "{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 9.75 Free Edition "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Rozszerzenie HighMAT do Kreatora zapisywania dysku CD w systemie Microsoft Windows XP "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "3D Matrix Corridors_is1" = 3D Matrix Corridors 1.0 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "ALLPlayer V2.4 FULL_is1" = ALLPlayer V2.4 "ALLPlayer V3.2_is1" = ALLPlayer V3.X "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60 "ATI Display Driver" = ATI Display Driver "AVIcodec" = AVIcodec (remove only) "Boilsoft Video Joiner_is1" = Boilsoft Video Joiner 5.32 "Boilsoft Video Splitter_is1" = Boilsoft Video Splitter 5.01 "Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1218 "BurnInTest_is1" = BurnInTest v6.0 Pro "CCleaner" = CCleaner "Comodo Dragon" = Comodo Dragon "COMODO Internet Security" = COMODO Internet Security "DivX Setup.divx.com" = DivX Setup "doPDF 7 printer_is1" = doPDF 7.2 printer "DOSBox_is1" = DOSBox 0.63 "Driver Magician_is1" = Driver Magician 3.5 "EarthView" = EarthView "EasyRecovery" = EasyRecovery Professional Edition "ESET Online Scanner" = ESET Online Scanner v3 "Ext2Ifs_for_NT501" = Ext2 IFS 1.11a for Windows XP "FastStone Image Viewer" = FastStone Image Viewer 4.0 "Foxit PDF Editor" = Foxit PDF Editor "Foxit Reader" = Foxit Reader "FuzzyLogic4" = FuzzyLogic4 "Glary Utilities_is1" = Glary Utilities 2.18.0.786 "GOM Player" = GOM Player "Google Chrome" = Google Chrome "GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70 "GTK2-Runtime" = GTK2-Runtime "HD Tune_is1" = HD Tune 2.55 "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full) "Liveupdate4_is1" = Liveupdate4 "MediaCoder" = MediaCoder 0.6.1 "MediaInfo" = MediaInfo 0.7.37 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MultiRes (remove only)" = MultiRes (remove only) "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NOD32" = NOD32 Antivirus System "OpenAL" = OpenAL "Original War" = Original War "Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0 "PITy 2008_is1" = PITy 2008 dla Windows kompilacja:1.0.2.8 "PITy 2009_is1" = PITy 2009 dla Windows kompilacja:1.1.2.8 "QuicktimeAlt_is1" = QuickTime Alternative 1.76 "Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools "RealAlt_is1" = Real Alternative 1.8.0 "Rollcage" = Rollcage "Sacred Underworld_is1" = Sacred Underworld "Sacred_is1" = Sacred "StarCraft II" = StarCraft II "SubEdit-Player_is1" = SubEdit-Player "SystemRequirementsLab" = System Requirements Lab "Tango 98_is1" = Tango 98 v.4.04 "The KMPlayer" = The KMPlayer (remove only) "TightVNC_is1" = TightVNC 1.3.10 "Tlen.pl" = Tlen.pl "TrueCrypt" = TrueCrypt "Unlocker" = Unlocker 1.8.5 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.5 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.6 "WinRAR archiver" = Archiwizator WinRAR "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CDisplay_is1" = CDisplay 1.8 "InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist "uTorrent" = µTorrent "Warcraft III" = Warcraft III: wszystkie elementy [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-12-11 08:57:50 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:57:57 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:00 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:02 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:04 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:05 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:06 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:08 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:09 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-12-11 08:58:11 | Computer Name = FMX55 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. [ System Events ] Error - 2010-12-11 08:42:39 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-11 08:45:49 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DriverAgent Class Driver z powodu następującego błędu: %%2 Error - 2010-12-11 08:45:49 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą HDDlife HDD Access service. Error - 2010-12-11 08:45:49 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi HDDlife HDD Access service z powodu następującego błędu: %%1053 Error - 2010-12-11 08:53:01 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7034 Description = Usługa BlueSoleil Hid Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-11 08:53:05 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-11 08:53:10 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7034 Description = Usługa Usługa bramy warstwy aplikacji niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-11 08:57:38 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi DriverAgent Class Driver z powodu następującego błędu: %%2 Error - 2010-12-11 08:57:38 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą HDDlife HDD Access service. Error - 2010-12-11 08:57:38 | Computer Name = FMX55 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi HDDlife HDD Access service z powodu następującego błędu: %%1053 < End of report > [/log] [log]OTL logfile created on: 2010-12-11 14:34:54 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\wojo\Pulpit\OTL Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 4,59 Gb Free Space | 23,48% Space Free | Partition Type: NTFS Drive D: | 17,71 Gb Total Space | 0,36 Gb Free Space | 2,05% Space Free | Partition Type: NTFS Drive E: | 37,31 Gb Total Space | 0,49 Gb Free Space | 1,31% Space Free | Partition Type: NTFS Drive O: | 74,56 Gb Total Space | 0,04 Gb Free Space | 0,05% Space Free | Partition Type: NTFS Drive S: | 6,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive U: | 49,81 Gb Total Space | 0,08 Gb Free Space | 0,17% Space Free | Partition Type: NTFS Drive Z: | 36,13 Gb Total Space | 22,57 Gb Free Space | 62,47% Space Free | Partition Type: NTFS Computer Name: FMX55 | User Name: wojo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-12-11 12:28:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\wojo\Pulpit\OTL\OTL.exe PRC - [2010-02-10 20:25:34 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2010-02-10 20:24:59 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2010-01-09 18:13:59 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exe PRC - [2010-01-09 18:13:59 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-08-25 09:06:26 | 000,566,800 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\RAXCO\PerfectDisk\PDEngine.exe PRC - [2006-08-25 09:06:14 | 000,439,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\RAXCO\PerfectDisk\PDAgent.exe PRC - [2005-04-06 15:03:28 | 000,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-12-11 12:28:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\wojo\Pulpit\OTL\OTL.exe MOD - [2010-02-10 20:28:18 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-02-10 20:24:59 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2010-01-09 18:13:59 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn) SRV - [2009-08-19 18:04:40 | 000,822,936 | ---- | M] (BinarySense, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\BinarySense\hldasvc.exe -- (HDDlife HDD Access service) SRV - [2006-08-25 09:06:26 | 000,566,800 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine) SRV - [2006-08-25 09:06:14 | 000,439,824 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent) SRV - [2005-04-06 15:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\agentcd.sys -- (AgentCD) DRV - [2010-10-25 18:46:37 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt) DRV - [2010-07-04 19:44:01 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010-07-04 19:03:40 | 000,107,264 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenic.sys -- (RTL8023) DRV - [2010-05-10 09:44:48 | 000,022,328 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys -- (MSI_DVD_010507) DRV - [2010-05-10 09:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-05-10 09:44:36 | 000,016,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys -- (MSI_VGASYS_010507) DRV - [2010-02-10 20:28:14 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2010-02-10 20:28:12 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2010-02-10 20:28:11 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2010-01-09 18:14:03 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON) DRV - [2010-01-09 18:13:58 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv) DRV - [2009-01-21 19:13:56 | 000,087,312 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009-01-21 19:13:56 | 000,041,680 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009-01-21 19:13:54 | 000,031,824 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxUSB.sys -- (VBoxUSB) DRV - [2009-01-21 19:13:52 | 000,100,560 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2008-09-25 16:35:24 | 000,181,120 | ---- | M] (Stephan Schreiber) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ext2fs.sys -- (Ext2fs) DRV - [2008-08-28 21:45:58 | 000,051,072 | ---- | M] (Stephan Schreiber) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ifsmount.sys -- (IfsMount) DRV - [2008-07-05 21:05:31 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer) DRV - [2008-06-06 08:24:44 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008-05-19 12:51:31 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-05-15 02:24:32 | 000,171,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW) DRV - [2008-05-07 06:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-05-07 06:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-05-07 06:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2007-12-14 08:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS) DRV - [2007-12-03 16:06:59 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ndis3pkt.sys -- (NDIS3Pkt) DRV - [2007-11-05 08:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2007-07-12 10:49:16 | 000,096,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2007-07-04 15:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD) DRV - [2006-11-28 20:46:28 | 000,052,800 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50) DRV - [2006-08-10 13:34:36 | 000,062,480 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS) DRV - [2006-01-15 16:31:48 | 000,002,103 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\KeybdIO.SYS -- (KeybdIO) DRV - [2005-08-10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005-05-31 14:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2005-05-31 08:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005-04-30 13:50:24 | 000,011,736 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VHIDMini.sys -- (VHidMinidrv) DRV - [2005-04-30 13:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum) DRV - [2005-04-30 13:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2005-04-30 13:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT) DRV - [2005-03-25 16:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2004-12-16 15:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter) DRV - [2004-10-19 12:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2004-08-03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2002-10-14 23:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R) DRV - [2002-10-14 23:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys -- (IdeBusDr) DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2002-09-09 18:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) DRV - [2002-07-17 19:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Usługa instalacyjna sterownika audio Intel(r) 82801 (WDM) DRV - [1998-02-26 14:10:28 | 000,025,632 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\A4SII300.SYS -- (A4SII300) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-1177238915-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.26 FF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.1 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.99999 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-31 14:25:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-21 19:42:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2008-07-02 11:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Extensions [2010-12-05 19:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions [2010-06-25 18:42:54 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009-12-18 11:53:23 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2010-06-25 18:42:57 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2008-10-11 12:02:04 | 000,000,000 | ---D | M] (FoxGame) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051} [2010-04-30 16:45:59 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-06-25 18:43:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2008-11-22 14:20:41 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb} [2010-01-23 11:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\searchbtj@sogame.cat [2010-12-11 12:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\extensions\toolbar@ask.com [2008-04-24 19:17:14 | 000,001,256 | ---- | M] () -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\searchplugins\forum-dvhk.xml [2010-12-11 12:02:53 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\wojo\Dane aplikacji\Mozilla\Firefox\Profiles\r0igfog6.default\searchplugins\search.xml [2010-12-05 19:50:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-11-21 19:42:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-21 19:41:41 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-07-31 14:25:30 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-31 14:25:30 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-31 14:25:30 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-31 14:25:30 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-31 14:25:30 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-31 14:25:30 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-01-15 06:42:18 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset ) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1177238915-651377827-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm () O8 - Extra context menu item: Download using ASUS Download - C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownload.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\System32\imon.dll (Eset ) O15 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\..Trusted Domains: com ([www.msi] http in Zaufane witryny) O15 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\..Trusted Domains: com.tw ([asia.msi] http in Zaufane witryny) O15 - HKU\S-1-5-21-1177238915-651377827-839522115-1003\..Trusted Domains: com.tw ([global.msi] http in Zaufane witryny) O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/LOnline/install.cab (WebSDev Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O18 - Protocol\Handler\hddlife {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\wojo\Dane aplikacji\DeskSoft\EarthView\EarthView.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\wojo\Dane aplikacji\DeskSoft\EarthView\EarthView.bmp O29 - HKLM SecurityProviders - (mcenspc.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-06-16 22:11:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-04-22 16:56:38 | 000,000,000 | -HSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-04-22 17:05:58 | 000,000,000 | -HSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2007-10-06 02:27:57 | 000,000,048 | R--- | M] () - S:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2010-04-22 17:21:47 | 000,000,000 | RHSD | M] - U:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /p \??\g:) - File not found O34 - HKLM BootExecute: (pdboot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]DivXUpdate[/b] - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: [b]NSSInstallation[/b] - hkey= - key= - C:\Program Files\DivX\Symantec\scstubinstaller.exe (Symantec Corporation) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-11 13:54:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\wojo\Recent [2010-12-11 13:30:42 | 000,000,000 | ---D | C] -- C:\_OTL [2010-12-11 13:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-12-11 13:05:47 | 000,000,000 | ---D | C] -- C:\rsit [2010-12-11 13:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Pulpit\OTL [2010-12-11 13:05:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Pulpit\RSIT [2010-12-05 14:52:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS [2010-12-05 14:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode [2010-12-04 13:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Softland [2010-12-04 13:37:34 | 000,022,856 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmn7.dll [2010-12-04 13:37:34 | 000,019,784 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmi7.dll [2010-12-04 13:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\Softland [2010-11-30 19:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVIcodec [2010-11-30 19:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Ustawienia lokalne\Dane aplikacji\OpenCandy [2010-11-30 19:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Dane aplikacji\OpenCandy [2010-11-30 19:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo [2010-11-30 18:57:54 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2010-11-30 18:57:53 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2010-11-30 18:57:53 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2010-11-30 18:52:49 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2010-11-27 19:50:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Ustawienia lokalne\Dane aplikacji\AskToolbar [2010-11-25 08:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Pulpit\TXT [2010-11-25 08:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Pulpit\Programy [2010-11-25 08:45:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Pulpit\Gry [2010-11-25 08:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\EarthView [2010-11-25 08:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Dane aplikacji\DeskSoft [2010-11-21 19:42:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-11-14 12:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Dane aplikacji\vlc [2010-11-10 17:40:15 | 000,000,000 | ---D | C] -- C:\Program Files\3D Matrix Corridors [2010-10-30 10:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\wojo\Dane aplikacji\Boilsoft [2010-10-30 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Boilsoft Video Splitter [2010-10-25 18:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2010-10-25 17:47:29 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2 [3 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-11 13:55:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-11 13:40:45 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\wojo\Pulpit\OTL.rtf [2010-12-10 17:38:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-08 13:19:36 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat [2010-12-07 21:00:18 | 000,000,904 | ---- | M] () -- C:\WINDOWS\VPlayer.INI [2010-12-07 21:00:17 | 000,000,020 | ---- | M] () -- C:\WINDOWS\VplayerINI.vpl [2010-12-05 16:34:08 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\wojo\Pulpit\cach.lnk [2010-12-04 14:01:26 | 001,000,571 | ---- | M] () -- C:\Documents and Settings\wojo\Moje dokumenty\pl.wikipedia.org_wiki_Dieta_aspirynowa.pdf [2010-12-04 13:59:23 | 000,084,613 | ---- | M] () -- C:\Documents and Settings\wojo\Moje dokumenty\Dieta aspirynowa – Wikipedia, wolna encyklopedia.pdf [2010-12-02 09:00:24 | 000,022,856 | ---- | M] (Softland) -- C:\WINDOWS\System32\dopdfmn7.dll [2010-12-02 09:00:22 | 000,019,784 | ---- | M] (Softland) -- C:\WINDOWS\System32\dopdfmi7.dll [2010-11-28 22:17:09 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-11-26 10:21:21 | 000,001,770 | ---- | M] () -- C:\Documents and Settings\wojo\Pulpit\PKS Kożuchów.rtf [2010-11-26 10:14:23 | 000,002,332 | ---- | M] () -- C:\Documents and Settings\wojo\Pulpit\PKS Kozuchów_2.rtf [2010-11-25 10:41:46 | 000,007,549 | ---- | M] () -- C:\WINDOWS\System32\dopdf7.ctm [2010-11-25 08:42:30 | 000,102,400 | ---- | M] () -- C:\WINDOWS\EarthView.scr [2010-11-24 11:38:25 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [2010-11-11 20:07:56 | 000,000,518 | ---- | M] () -- C:\Documents and Settings\wojo\Pulpit\uTorrent.lnk [2010-11-07 16:11:03 | 000,000,095 | ---- | M] () -- C:\WINDOWS\FS115Dg.Ini [2010-11-06 21:20:43 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2010-11-03 18:35:41 | 000,494,308 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-03 18:35:41 | 000,436,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-03 18:35:41 | 000,086,968 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-03 18:35:41 | 000,070,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-10-25 19:25:11 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-10-25 18:46:37 | 000,231,248 | ---- | M] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys [2010-10-25 18:07:20 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010-10-23 09:16:09 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\wojo\Pulpit\CCleaner.lnk [2010-10-21 17:43:21 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\wojo\.recently-used.xbel [2010-10-18 09:00:00 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-10-18 09:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini [2010-10-16 16:57:08 | 000,000,163 | ---- | M] () -- C:\WINDOWS\WININIT.INI [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-11 13:27:58 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\wojo\Pulpit\OTL.rtf [2010-12-05 16:34:08 | 000,001,003 | ---- | C] () -- C:\Documents and Settings\wojo\Pulpit\cach.lnk [2010-12-04 14:01:24 | 001,000,571 | ---- | C] () -- C:\Documents and Settings\wojo\Moje dokumenty\pl.wikipedia.org_wiki_Dieta_aspirynowa.pdf [2010-12-04 13:58:57 | 000,084,613 | ---- | C] () -- C:\Documents and Settings\wojo\Moje dokumenty\Dieta aspirynowa – Wikipedia, wolna encyklopedia.pdf [2010-11-30 18:57:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-11-30 18:57:54 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml [2010-11-30 18:57:53 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-11-30 18:57:53 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-11-30 18:57:52 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-11-30 18:53:03 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-11-26 10:16:18 | 000,001,770 | ---- | C] () -- C:\Documents and Settings\wojo\Pulpit\PKS Kożuchów.rtf [2010-11-26 09:50:28 | 000,002,332 | ---- | C] () -- C:\Documents and Settings\wojo\Pulpit\PKS Kozuchów_2.rtf [2010-11-25 08:42:30 | 000,102,400 | ---- | C] () -- C:\WINDOWS\EarthView.scr [2010-11-10 17:40:49 | 000,003,844 | ---- | C] () -- C:\WINDOWS\System32\3d Matrix Corridors.htm [2010-11-10 17:40:46 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ImxEx.dll [2010-11-10 17:40:31 | 000,667,648 | ---- | C] () -- C:\WINDOWS\System32\FreeImage.dll [2010-11-10 17:40:19 | 003,538,944 | ---- | C] () -- C:\WINDOWS\System32\3D Matrix Corridors.scr [2010-11-07 16:11:03 | 000,000,095 | ---- | C] () -- C:\WINDOWS\FS115Dg.Ini [2010-10-25 18:07:20 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010-10-21 17:43:21 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\wojo\.recently-used.xbel [2010-04-28 15:42:43 | 000,000,051 | ---- | C] () -- C:\WINDOWS\HEXWORKS.INI [2010-01-09 17:48:39 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys [2010-01-02 23:08:30 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\wojo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-31 15:19:27 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2009-12-31 14:38:54 | 000,000,021 | -H-- | C] () -- C:\Documents and Settings\wojo\Ustawienia lokalne\Dane aplikacji\f90162846a294810057a5fec7ead6939.dat [2009-11-29 13:27:53 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2009-11-29 13:27:53 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2009-11-29 13:27:53 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2009-09-08 17:40:23 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI [2009-05-20 20:49:21 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dfxp11.dll [2009-05-20 20:49:20 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dfxg11.dll [2009-05-20 12:27:23 | 000,000,084 | ---- | C] () -- C:\WINDOWS\winamp.ini [2008-11-22 18:48:24 | 000,000,021 | ---- | C] () -- C:\WINDOWS\compedia.ini [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-09-29 17:56:51 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys [2008-09-29 17:56:51 | 000,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys [2008-08-24 13:35:21 | 000,000,787 | ---- | C] () -- C:\WINDOWS\HWORKS16.INI [2008-04-20 20:29:01 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2008-04-04 13:32:17 | 000,002,103 | ---- | C] () -- C:\WINDOWS\System32\KeybdIO.SYS [2008-03-24 10:29:55 | 000,143,104 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll2 [2008-03-01 14:21:45 | 000,139,008 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll1 [2008-02-25 22:10:04 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\wojo\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2008-01-02 20:14:44 | 000,000,163 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2007-12-22 13:35:53 | 000,000,082 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2007-12-21 19:15:13 | 000,003,240 | ---- | C] () -- C:\WINDOWS\jgvxcg24.ini [2007-12-17 20:00:50 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2007-12-04 10:07:55 | 000,100,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [2007-12-03 16:06:59 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis3pkt.sys [2007-12-03 16:02:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2007-11-06 19:08:34 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2007-10-26 16:35:49 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\wojo\Dane aplikacji\z bad na ok.bat [2007-10-26 16:32:22 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\wojo\Dane aplikacji\z ok na bad.bat [2007-10-03 19:02:14 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys [2007-10-03 19:02:14 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys [2007-09-13 10:04:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-09-11 20:07:04 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2007-09-04 21:27:41 | 000,000,904 | ---- | C] () -- C:\WINDOWS\VPlayer.INI [2007-07-16 17:50:51 | 000,000,187 | ---- | C] () -- C:\WINDOWS\disney.ini [2007-06-17 15:32:20 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2007-06-17 15:32:19 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2007-06-17 15:32:18 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2007-06-17 15:32:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2007-06-17 15:32:09 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2007-06-17 15:31:59 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2007-06-17 13:36:55 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2007-06-16 23:58:59 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007-06-16 23:44:41 | 002,115,816 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll [2007-06-16 23:33:20 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2007-06-16 23:15:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007-06-16 23:14:23 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\wojo\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2005-08-29 23:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll [2005-08-29 23:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll [2005-08-29 23:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll [2002-03-19 17:30:00 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\mag.dll [2002-03-19 16:30:00 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-18 12:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2008-12-26 14:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2007-10-03 19:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2008-08-07 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-20 09:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2008-03-14 11:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Hagel Technologies [2008-07-04 13:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\HDD Thermometer [2008-09-15 14:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-06-22 15:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-12-31 20:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-04-22 14:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2010-07-26 17:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PassMark [2008-09-15 14:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-07-31 13:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PDF Writer [2010-12-11 13:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Temp [2009-10-24 10:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrueCrypt [2010-12-04 13:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Softland [2010-04-28 09:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Softland [2010-04-20 09:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\ArcaVirMicroScan [2010-10-23 13:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Ashampoo [2008-03-10 16:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Auslogics [2008-04-02 17:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\BESTplayer [2009-09-06 16:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\BinarySense [2010-10-30 10:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Boilsoft [2008-04-09 17:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Convivea [2008-05-19 12:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\DAEMON Tools [2010-02-28 12:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\deluge [2010-11-25 08:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\DeskSoft [2010-03-20 09:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Gadu-Gadu 10 [2009-10-08 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\GlarySoft [2010-08-07 10:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\gtk-2.0 [2008-07-03 19:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\HDD Thermometer [2010-03-02 17:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\ipla [2010-01-02 21:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\JLC's Software [2010-08-04 12:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\KoshyJohn.com [2010-10-02 13:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\MD5 Checksum Verifier [2007-11-27 12:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\MichaelGraphics [2007-12-03 21:21:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\My Games [2008-09-15 14:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Nokia [2010-01-02 13:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Nowe Gadu-Gadu [2010-11-30 19:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\OpenCandy [2009-12-31 19:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\OpenFM [2009-01-31 15:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\OpenOffice.org [2007-06-17 12:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Opera [2008-09-15 14:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\PC Suite [2010-07-31 13:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\PDF Writer [2008-07-28 17:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\PowerRangers [2007-07-01 10:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Robots [2007-10-30 21:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\smc [2010-04-28 09:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Softland [2009-04-24 15:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\SpeedSim [2010-03-09 19:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\TeamViewer [2010-12-10 13:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Tlen.pl [2010-10-30 17:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\TrueCrypt [2010-01-02 19:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\Uniblue [2010-12-11 12:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\uTorrent [2010-06-13 12:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\uTorrent.old [2010-10-09 10:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\winxrar [2010-01-29 17:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\wojo\Dane aplikacji\XnView [2010-03-15 20:47:05 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\$~$Sys0$.job [2010-01-02 19:38:36 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job [2010-06-13 11:06:57 | 000,000,362 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job [2010-10-25 18:07:20 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [2010-07-04 19:39:55 | 000,000,104 | ---- | M] () -- C:\WINDOWS\Tasks\WinUtilities-02BB2F56CB964deb8996194DE7EB5275.job [2009-02-21 13:29:16 | 000,000,594 | ---- | M] () -- C:\WINDOWS\Tasks\Wise Disk Cleaner 4.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2007-06-16 22:11:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-07-27 17:32:07 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2007-06-16 22:11:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-01-29 17:46:38 | 000,000,278 | ---- | M] () -- C:\default.set [2007-06-16 22:11:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2007-06-16 22:11:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-03-16 19:33:35 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-12-11 13:55:22 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [2010-11-24 11:38:25 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\AGP440.SYS [2004-08-04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 184 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:4BF2F6B5 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Temp:2BE9FEFC < End of report > [/log] [i][b]Logi z RSIT (info.txt, log.txt):[/b][/i] [log]info.txt logfile of random's system information tool 1.08 2010-12-11 14:44:00 ======Uninstall list====== -->MsiExec /X{D56B0E27-4A3E-46C9-B5C1-D93D580C099C} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7E518B2-B174-11D3-9D4E-0060B0A4823E}\setup.exe" -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent-->"o:\uTorrent\uTorrent.exe" /UNINSTALL 3D Matrix Corridors 1.0-->"C:\Program Files\3D Matrix Corridors\unins000.exe" Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{8186E1B9-DDC6-45B6-B9EB-C28947CBC4CF} Adobe Flash Player 9 Plugin-->MsiExec.exe /X{685A56F8-75B6-44AD-B3DA-FB0A3266B47C} Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" Aktualizacja dla systemu Windows XP (KB955704)-->"C:\WINDOWS\$NtUninstallKB955704$\spuninst\spuninst.exe" ALLPlayer V2.4-->"C:\Program Files\MarBit\ALLPlayer\unins000.exe" ALLPlayer V3.X-->"C:\Program Files\MarBit\ALLPlayer\unins000.exe" Alt-Tab Task Switcher Powertoy for Windows XP-->MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147} Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe Ashampoo Burning Studio 2009-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 2009\unins000.exe" Ashampoo Photo Commander 7.60-->"C:\Program Files\Ashampoo\Ashampoo Photo Commander 7\unins000.exe" Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE} ASUS WL-500gP V2 Wireless Router Utilities-->C:\Program Files\InstallShield Installation Information\{A4761FB2-072A-4F17-B4D7-C0640CF52D58}\setup.exe -runfromtemp -l0x0015 -removeonly ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean AVIcodec (remove only)-->"C:\Program Files\AVIcodec\uninst.exe" Bit Che-->"C:\Program Files\Bit Che\unins000.exe" BlueSoleil-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\Setup.exe" -l0x9 Boilsoft Video Joiner 5.32-->"C:\Program Files\Boilsoft Video Joiner\unins000.exe" Boilsoft Video Splitter 5.01-->"C:\Boilsoft Video Splitter\unins000.exe" Boilsoft Video Splitter 6.11-->"C:\Program Files\Boilsoft Video Splitter\unins000.exe" Bullzip PDF Printer 7.1.0.1218-->"C:\Program Files\Bullzip\PDF Printer\unins000.exe" BurnInTest v6.0 Pro-->"C:\Program Files\BurnInTest\unins000.exe" Calculator Powertoy for Windows XP-->MsiExec.exe /I{B37C842A-B624-46B8-A727-654E72F1C91A} Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" ClearType Tuning Control Panel Applet-->MsiExec.exe /I{C9E4932C-8417-4E4C-A0E3-EE534810AB4D} CmdHere Powertoy For Windows XP-->MsiExec.exe /I{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C} Comodo Dragon-->C:\Program Files\Comodo\Dragon\Setup.exe COMODO Internet Security-->C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u DivX Setup-->C:\Documents and Settings\All Users\Dane aplikacji\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com Dodatek SP2 na potrzeby zgodności z poprzednimi wersjami Klienta programu Zarządzanie prawami Windows-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790} doPDF 7.2 printer-->"C:\Program Files\Softland\doPDF 7\unins000.exe" DOSBox 0.63-->"C:\Program Files\DOSBox\unins000.exe" Driver Magician 3.5-->"C:\Program Files\Driver Magician\unins000.exe" EarthView-->C:\Program Files\EarthView\Uninstall.exe EasyRecovery Professional Edition-->C:\Program Files\Ontrack\EasyRecovery\uninstal.exe C:\Program Files\Ontrack\EasyRecovery ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe Ext2 IFS 1.11a for Windows XP-->RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall 130 Ext2Ifs_for_NT501.inf FastStone Image Viewer 4.0-->C:\Program Files\FastStone Image Viewer\uninst.exe Foxit PDF Editor-->C:\Program Files\Foxit Software\PDF Editor\uninstall.exe Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe FuzzyLogic4-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MSI\FuzzyLogic4\Uninst.isu" GIMP 2.6.6-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" Glary Utilities 2.18.0.786-->"C:\Program Files\Glary Utilities\unins000.exe" GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe" Google Chrome-->"C:\Program Files\Google\Chrome\Application\7.0.517.44\Installer\setup.exe" --uninstall --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} GPL Ghostscript Lite 8.70-->"C:\Program Files\Bullzip\PDF Printer\gs\unins001.exe" GTK2-Runtime-->C:\Program Files\GTK2-Runtime\gtk2_runtime_uninst.exe HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe" Hellgate: London-->MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC} HTML Slideshow Powertoy for Windows XP-->MsiExec.exe /I{4E475FD4-4513-4B1D-8DDA-43912B068C99} Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29} Intel Application Accelerator-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9984DF60-1C5B-11D3-ACA1-908A4FC10801}\Setup.exe" -INTELUNINST Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF} Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} JDownloader-->d:\JDownloader\uninstall.exe KB980-->C:\WINDOWS\uninst.exe -fC:\KB980\DeIsL1.isu -cC:\KB980\_ISREG32.DLL Klient programu Zarządzanie prawami Windows z dodatkiem Service Pack 2-->MsiExec.exe /X{09A9504A-6DA0-40FC-A519-90BE04132685} K-Lite Codec Pack 6.5.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Liveupdate4-->"C:\Program Files\MSI\Live Update 4\unins000.exe" Magnifier Powertoy for Windows XP-->MsiExec.exe /I{2FBF04DC-404C-4FA4-BA28-99903080D2B9} MediaCoder 0.6.1-->C:\Program Files\MediaCoder\uninst.exe MediaInfo 0.7.37-->C:\Program Files\MediaInfo\uninst.exe Microsoft .NET Framework 1.1 Hotfix (KB886903)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp" Microsoft .NET Framework 1.1 Hotfix (KB925168)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M925168\M925168Uninstall.msp" Microsoft .NET Framework 1.1 Polish Language Pack-->MsiExec.exe /X{64CB2553-C109-4132-AA51-1F421B515FD1} Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003} Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918} Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} MultiRes (remove only)-->C:\Program Files\MultiRes\uninstal.exe NAPIPROJEKT 1.0.6.2-->"C:\Program Files\NAPI-PROJEKT\unins000.exe" Narzędzie Software Uninstall Utility firmy ATI-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe NOD32 Antivirus System-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL Nokia Connectivity Cable Driver-->MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48} NVIDIA PhysX v8.10.29-->MsiExec.exe /X{D56B0E27-4A3E-46C9-B5C1-D93D580C099C} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U OpenOffice.org 3.0-->MsiExec.exe /I{31BFEC6C-1F27-45B5-839C-BCBAE327993A} Opera 10.63-->MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95} Original War-->d:\Gry\Original War\\Uninstall.exe Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x9 PerfectDisk-->MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7} PITy 2008 dla Windows kompilacja:1.0.2.8-->"C:\Program Files\PITy\PITy2008NG\unins000.exe" PITy 2009 dla Windows kompilacja:1.1.2.8-->"C:\Program Files\PITy\PITy2009NG\unins000.exe" Poprawka Security Update dla produktu Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} QuickTime Alternative 1.76-->"C:\Program Files\QuickTime Alternative\unins000.exe" Radeon Omega Drivers v4.8.442 Setup Files and Tools-->"C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe" "/U:C:\Program Files\Radeon Omega Drivers\v4.8.442\Omega Uninstall.xml" Real Alternative 1.8.0-->"C:\Program Files\Real Alternative\unins000.exe" REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe -runfromtemp -l0x0015 -removeonly RGSS-RTP Standard-->MsiExec.exe /I{5A9FE525-8B8F-4701-A937-7F6745A4E9C7} Rollcage-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Psygnosis\Rollcage\Uninst.isu" Rozszerzenie HighMAT do Kreatora zapisywania dysku CD w systemie Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} Sacred Underworld-->"C:\Program Files\Ascaron Entertainment\Sacred Underworld\unins000.exe" Sacred-->"C:\Program Files\Ascaron Entertainment\Sacred\unins000.exe" Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Slideshow Generator Powertoy for Windows XP-->MsiExec.exe /I{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD} SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" Sp5-->MsiExec.exe /I{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C} Sp5Intl-->MsiExec.exe /I{FD4B33E1-24AE-4535-AA7B-162B30FB57CD} Sp5TTInt-->MsiExec.exe /I{E415C943-37E5-473F-8BAE-043C56734124} SpCommon-->MsiExec.exe /I{6C3959C6-943E-44B3-BAAD-570B04B134E5} SpPhones-->MsiExec.exe /I{4DFF1415-4C29-44A8-BFD4-2BCE249C4991} StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe SubEdit-Player-->"C:\Program Files\SubEdit-Player\unins000.exe" Sun xVM VirtualBox-->MsiExec.exe /I{27BF988A-AD38-41F2-8012-B797A2BC7285} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Tango 98 v.4.04-->"C:\Program Files\Novitus\Tango98\unins000.exe" The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe" TightVNC 1.3.10-->"C:\Program Files\TightVNC\unins000.exe" Timershot Powertoy for Windows XP-->MsiExec.exe /I{A743BBCC-3438-4BB3-8397-6C9D9AC125A6} Tlen.pl-->"C:\Program Files\Tlen.pl\uninstall.exe" TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u UE3Redist-->MsiExec.exe /X{6530FDAA-5B1F-4830-95BB-650E9804D239} Uniblue RegistryBooster 2010-->"C:\Program Files\Uniblue\RegistryBooster\unins000.exe" Unlocker 1.8.5-->C:\Program Files\Unlocker\uninst.exe VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421} Virtual Desktop Manager Powertoy for Windows XP-->MsiExec.exe /I{F251B999-08A9-4704-999C-9962F0DFD88E} VLC media player 1.1.5-->C:\VLC\uninstall.exe Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinUtilities 9.75 Free Edition-->"C:\Program Files\WinUtilities\unins000.exe" Zune Desktop Theme-->MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4} ======Hosts File====== 127.0.0.1 localhost ======System event log====== Computer Name: FMX55 Event Code: 62486 Message: Invalid parameters Record Number: 62256 Source Name: ati2mtag Time Written: 20101121164418.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 62486 Message: Invalid parameters Record Number: 62255 Source Name: ati2mtag Time Written: 20101121164328.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 62486 Message: Invalid parameters Record Number: 62254 Source Name: ati2mtag Time Written: 20101121164328.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 62486 Message: Invalid parameters Record Number: 62253 Source Name: ati2mtag Time Written: 20101121164328.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 62486 Message: Invalid parameters Record Number: 62252 Source Name: ati2mtag Time Written: 20101121164328.000000+060 Event Type: informacje User: =====Application event log===== Computer Name: FMX55 Event Code: 0 Message: Service stopped Record Number: 5 Source Name: PDEngine Time Written: 20100313105645.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 0 Message: PerfectDisk Scheduler started. Record Number: 4 Source Name: PDAgent Time Written: 20100313104319.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 0 Message: Service started Record Number: 3 Source Name: PDEngine Time Written: 20100313104314.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 0 Message: Service started Record Number: 2 Source Name: PDAgent Time Written: 20100313104254.000000+060 Event Type: informacje User: Computer Name: FMX55 Event Code: 105 Message: The service was started. Record Number: 1 Source Name: ATI Smart Time Written: 20100313104215.000000+060 Event Type: informacje User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "KONCOWKA"=OF "NUMBER_OF_PROCESSORS"=1 "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\GTK2-Runtime\bin "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel "PROCESSOR_LEVEL"=15 "PROCESSOR_REVISION"=0207 "TEMP"=C:\TEMP "TMP"=C:\TEMP "windir"=%SystemRoot% "HellgateEnv"=E:\Gry\Helgate London\ -----------------EOF----------------- [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by wojo at 2010-12-11 14:43:26 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 5 GB (23%) free of 20 GB Total RAM: 1279 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:43:56, on 2010-12-11 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Documents and Settings\wojo\Pulpit\RSIT\RSIT.exe C:\Program Files\trend micro\wojo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.moovielive.com/gears_app/opening_page_enu.jsp# R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm O8 - Extra context menu item: Download using ASUS Download - C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownload.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: http://asia.msi.com.tw O15 - Trusted Zone: http://global.msi.com.tw O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C3D227B1-962B-4D5D-BEF0-BBD28AFCA6ED}: NameServer = 192.168.9.1 O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- End of file - 5465 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\$~$Sys0$.job C:\WINDOWS\tasks\GlaryInitialize.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb69dc855b0ed0.job C:\WINDOWS\tasks\Install_NSS.job C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job C:\WINDOWS\tasks\WinUtilities-02BB2F56CB964deb8996194DE7EB5275.job C:\WINDOWS\tasks\Wise Disk Cleaner 4.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-21 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-21 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "nod32kui"=C:\Program Files\Eset\nod32kui.exe [2010-01-09 949376] "COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-02-10 1800464] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-04-12 1135912] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSSInstallation] C:\Program Files\DivX\Symantec\scstubinstaller.exe [2010-03-08 497016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2010-07-04 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"= scecli scecli [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoSharedDocuments"=1 "NoChangeKeyboardNavigationIndicators"=0 "NoDriveAutoRun"=0xFFFFFFFF "HonorAutorunSetting"=1 "NoRecentDocsNetHood"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "HonorAutorunSetting"=1 "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Tlen.pl\tlen.exe"="C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000" "D:\Gry\Spellforce Solucje\Delfynn Delage\utorrent.exe"="D:\Gry\Spellforce Solucje\Delfynn Delage\utorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Virgin Interactive\Original War\OwarFull.dll"="C:\Program Files\Virgin Interactive\Original War\OwarFull.dll:*:Disabled:OwarFull" "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil" "C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Download.exe"="C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Download.exe:*:Enabled:ASUS Download Master Utility" "F:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE"="F:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows" "F:\Inne Programy\Programy\avi\Odtwarzacze\VLC\vlc.exe"="F:\Inne Programy\Programy\avi\Odtwarzacze\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe"="C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Disabled:DarkCrusade" "C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-500gP V2 Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\uTorrent\uTorrent.exe"="E:\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Beta StarCraft II\StarCraft II.exe"="C:\Program Files\Beta StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher" "C:\Program Files\Beta StarCraft II\Versions\Base14803\SC2.exe"="C:\Program Files\Beta StarCraft II\Versions\Base14803\SC2.exe:*:Enabled:StarCraft II" "C:0\uTorrent\uTorrent.exe"="C:0\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:1\uTorrent\uTorrent.exe"="C:1\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:2\uTorrent\uTorrent.exe"="C:2\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:3\uTorrent\uTorrent.exe"="C:3\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:4\uTorrent\uTorrent.exe"="C:4\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:5\uTorrent\uTorrent.exe"="C:5\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:6\uTorrent\uTorrent.exe"="C:6\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:\Program Files\TightVNC\vncviewer.exe"="C:\Program Files\TightVNC\vncviewer.exe:*:Enabled:vncviewer" "C:\Program Files\TightVNC\WinVNC.exe"="C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server" "C:7\uTorrent\uTorrent.exe"="C:7\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:8\uTorrent\uTorrent.exe"="C:8\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "O:\utorrent.exe"="O:\utorrent.exe:*:Enabled:µTorrent" "O:\uTorrent\utorrent.exe"="O:\uTorrent\utorrent.exe:*:Enabled:µTorrent" "D:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE"="D:\Inne Programy\Programy\Narzedzia i inne\totalcmd702a\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows" "D:\Gry\Original War\OwarFull.dll"="D:\Gry\Original War\OwarFull.dll:*:Enabled:OwarFull" "E:\Gry\Warcraft III\War3.exe"="E:\Gry\Warcraft III\War3.exe:*:Enabled:Warcraft III" "C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe"="C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe:*:Enabled:Rollcage Main Game Executable" "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper" "E:\Gry\StarCraft II\StarCraft II.exe"="E:\Gry\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher" "E:\Gry\StarCraft II\Versions\Base15405\SC2.exe"="E:\Gry\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "E:\Gry\Helgate London\Launcher.exe"="E:\Gry\Helgate London\Launcher.exe:*:Enabled:Hellgate: London" "C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2010-12-11 13:30:42 ----D---- C:\_OTL 2010-12-11 13:05:53 ----D---- C:\Program Files\trend micro 2010-12-11 13:05:47 ----D---- C:\rsit 2010-12-05 14:52:05 ----D---- C:\WINDOWS\XSxS 2010-12-05 14:52:05 ----D---- C:\Program Files\Xenocode 2010-12-04 13:37:34 ----A---- C:\WINDOWS\system32\dopdfmn7.dll 2010-12-04 13:37:34 ----A---- C:\WINDOWS\system32\dopdfmi7.dll 2010-12-04 13:37:29 ----D---- C:\Program Files\Softland 2010-11-30 19:23:58 ----D---- C:\Program Files\AVIcodec 2010-11-30 19:13:59 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\OpenCandy 2010-11-30 19:13:56 ----D---- C:\Program Files\MediaInfo 2010-11-30 18:57:57 ----A---- C:\WINDOWS\avisplitter.ini 2010-11-30 18:57:53 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2010-11-30 18:57:53 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2010-11-30 18:57:53 ----A---- C:\WINDOWS\system32\xvidcore.dll 2010-11-30 18:57:52 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2010-11-30 18:57:52 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2010-11-30 18:53:03 ----A---- C:\WINDOWS\system32\unrar.dll 2010-11-30 18:52:49 ----D---- C:\Program Files\K-Lite Codec Pack 2010-11-25 08:42:29 ----D---- C:\Program Files\EarthView 2010-11-25 08:42:29 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\DeskSoft 2010-11-21 19:42:33 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sun 2010-11-21 19:42:11 ----A---- C:\WINDOWS\system32\javaws.exe 2010-11-21 19:42:11 ----A---- C:\WINDOWS\system32\javaw.exe 2010-11-21 19:42:11 ----A---- C:\WINDOWS\system32\java.exe 2010-11-21 19:42:11 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-11-14 12:14:31 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\vlc ======List of files/folders modified in the last 1 months====== 2010-12-11 14:43:41 ----D---- C:\TEMP 2010-12-11 14:01:24 ----D---- C:\Program Files\Mozilla Firefox 2010-12-11 13:58:30 ----D---- C:\WINDOWS\system32\CatRoot2 2010-12-11 13:57:21 ----D---- C:\WINDOWS 2010-12-11 13:56:23 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\Temp 2010-12-11 13:30:48 ----D---- C:\WINDOWS\system32 2010-12-11 13:05:53 ----RD---- C:\Program Files 2010-12-11 12:31:35 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\uTorrent 2010-12-11 12:01:04 ----SHD---- C:\WINDOWS\CSC 2010-12-10 13:06:08 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\Tlen.pl 2010-12-07 21:00:18 ----A---- C:\WINDOWS\VPlayer.INI 2010-12-05 20:10:57 ----D---- C:\Program Files\TightVNC 2010-12-04 13:38:20 ----RSD---- C:\WINDOWS\assembly 2010-12-03 17:14:23 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\Identities 2010-12-02 12:24:57 ----D---- C:\Documents and Settings\wojo\Dane aplikacji\Media Player Classic 2010-11-30 19:34:53 ----D---- C:\Program Files\The KMPlayer 2010-11-28 22:17:09 ----D---- C:\WINDOWS\system32\drivers\UMDF 2010-11-24 12:15:32 ----D---- C:\Program Files\Foxit Software 2010-11-21 19:42:32 ----SHD---- C:\WINDOWS\Installer 2010-11-21 19:42:29 ----D---- C:\Program Files\Common Files\Java 2010-11-21 19:41:36 ----D---- C:\Program Files\Java 2010-11-20 12:51:37 ----D---- C:\WINDOWS\system 2010-11-14 12:14:11 ----D---- C:\VLC ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 agp440;Filtr magistrali AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368] R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271] R0 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2006-08-10 62480] R0 IdeBusDr;IdeBusDr; C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys [2002-10-14 13891] R0 IdeChnDr;Intel(R) Ultra ATA Controller; C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys [2002-10-14 101431] R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-02-10 87104] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944] R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688] R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656] R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-05-19 717296] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544] R1 atitray;atitray; \??\C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys [] R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-02-10 134344] R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-02-10 25160] R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-09-25 181120] R1 IfsMount;IfsMount; C:\WINDOWS\system32\DRIVERS\ifsmount.sys [2008-08-28 51072] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 KeybdIO;KeybdIO; \??\C:\WINDOWS\system32\KeybdIO.sys [] R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-01-09 15424] R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228] R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-10-25 231248] R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2009-01-21 100560] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2009-01-21 41680] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032] R2 A4SII300;A4SII300; C:\WINDOWS\System32\drivers\A4SII300.SYS [1998-02-26 25632] R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-01-09 512096] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16512] R2 rspndr;Responder odnajdywania topologii warstwy łącza; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-07-04 3565056] R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480] R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 ms_mpu401;Sterownik portu MIDI UART Microsoft MPU-401; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-17 5888] R3 RTL8023;%Rtlnic.Service.DispName%; C:\WINDOWS\system32\DRIVERS\Rtenic.sys [2010-07-04 107264] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2001-07-25 438200] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2009-01-21 87312] R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312] R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148] R3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2005-04-30 11736] S2 AgentCD;DriverAgent Class Driver; C:\WINDOWS\System32\agentcd.sys [] S3 a1kbburh;a1kbburh; C:\WINDOWS\system32\drivers\a1kbburh.sys [] S3 ar960ryq;ar960ryq; C:\WINDOWS\system32\drivers\ar960ryq.sys [] S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS [] S3 ATIAVAIW;ATI T200 Unified AVStream service; C:\WINDOWS\system32\DRIVERS\atinavt2.sys [2008-05-15 171520] S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804] S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000] S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [] S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys [] S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-07-05 85969] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232] S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys [] S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys [] S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys [] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NDIS3Pkt;NDIS 3.0 Packet Driver; C:\WINDOWS\System32\drivers\ndis3pkt.sys [2007-12-03 13192] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-11-28 52800] S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384] S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 tunmp;Sterownik karty Microsoft Tun Miniport; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [] S3 VBoxUSB;VirtualBox USB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [2009-01-21 31824] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WRSWanDD;WinPoET PPPoE Adapter; C:\WINDOWS\system32\DRIVERS\WrKPoETNic2000.sys [2007-07-04 65604] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688] S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-07-04 602112] R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592] R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-02-10 723632] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-21 153376] R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-01-09 552064] R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2006-08-25 439824] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [2006-08-25 566800] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920] S2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376] S4 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-30 135664] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880] S4 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] -----------------EOF----------------- [/log] 3. Proszę o poradę najlepiej od osób [b]Tomek01, Sohei, jesiona, MarekM25[/b] (nie chciał bym po wykonaniu skryptu reinstalować systemik ). Czy coś jeszcze powinienem zrobić? Jest duże prawdopodobieństwo że coś jeszcze u mnie siedzi więc bardzo proszę o informację co jeszcze powinienem zrobić. Z góry wszystkim dziękuję i pozdrawiam, wojopl
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.